THREATNOIR
Subscribe
Back to Feed
MalwareJun 23, 2026

FortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist

Attackers exploit FortiGate firewalls to steal credentials using a Golang-based sniffer.

Read at source

Summary

A global campaign is actively exploiting vulnerabilities in FortiGate firewalls, turning them into credential-stealing devices. Threat actors have developed a Golang-based sniffer that targets approximately 430,000 firewalls, successfully identifying over 110 million credentials.

Indicators of Compromise

  • malware — Golang-based sniffer

Entities

FortiGate (product)firewalls (technology)credentials (technology)